You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

I work as a computer tech at a PC repair shop, and I've encountered a newer version of the moneypak (FBI, Department of Defense, etc.) virus.

In the past, I've tried one of the following:

Hitman's Kickstart

Booting into safe mode (w/ networking or only CMD if required) and then running Malwarebytes, ComboF, etc.

Booting into Mini XP/Linux off of a USB or CD and then manually removing the infection from AppData/Program Data, etc.

None of these methods have worked so far, though. It's an All-In-One HP (Win7) with a PITA process of removing the HDD, so I would rather not take the HDD out and scan it if I don't have to.

I can boot into safe mode (w/ CMD) but whenever I run anything (whether it's rkill, combofix, TDSS Killer, etc. Even JRT) the virus locks up the screen. I have to log out and log back in for it to work again, only start as soon as a new process is run. I tried Kickstart with Hitman, but the results found no malware at all.

On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.